aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/skinny.pcap.out
diff options
context:
space:
mode:
authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2023-06-23 08:12:40 +0200
committerGitHub <noreply@github.com>2023-06-23 08:12:40 +0200
commit7e64d9f66d130d5c28dc230c47017e2ef3ea62e2 (patch)
tree6360866c5e99a27c3580c1878970ac7b970d271f /tests/cfgs/default/result/skinny.pcap.out
parent15f0e1480c4324afa0350fa7f1d839d2dc4fc1fa (diff)
RTP: rework code (#2021)
Try avoiding false positives: look for 3 RTP packets before classifing the flow as such. Add a generic function `is_rtp_or_rtcp()` to identify RTP/RTCP packets also in other dissectors (see 3608ab01b commit message for an example)
Diffstat (limited to 'tests/cfgs/default/result/skinny.pcap.out')
-rw-r--r--tests/cfgs/default/result/skinny.pcap.out14
1 files changed, 7 insertions, 7 deletions
diff --git a/tests/cfgs/default/result/skinny.pcap.out b/tests/cfgs/default/result/skinny.pcap.out
index 537a7e036..05ae3dbe3 100644
--- a/tests/cfgs/default/result/skinny.pcap.out
+++ b/tests/cfgs/default/result/skinny.pcap.out
@@ -1,10 +1,10 @@
Guessed flow protos: 0
DPI Packets (TCP): 3 (1.00 pkts/flow)
-DPI Packets (UDP): 5 (1.00 pkts/flow)
+DPI Packets (UDP): 15 (3.00 pkts/flow)
DPI Packets (other): 1 (1.00 pkts/flow)
Confidence DPI : 9 (flows)
-Num dissector calls: 19 (2.11 diss/flow)
+Num dissector calls: 659 (73.22 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache zoom: 0/0/0 (insert/search/found)
@@ -26,11 +26,11 @@ ICMP 2 140 1
RTP 2871 614394 5
CiscoSkinny 94 10114 3
- 1 UDP 192.168.195.58:32144 <-> 192.168.195.50:17718 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Media/1][730 pkts/156220 bytes <-> 712 pkts/152368 bytes][Goodput ratio: 80/80][7.28 sec][RTP Stream Type: audio][bytes ratio: 0.012 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/7 20/20 9/9][Pkt Len c2s/s2c min/avg/max/stddev: 214/214 214/214 214/214 0/0][PLAIN TEXT (zwwtvutz)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 UDP 192.168.195.58:32150 -> 192.168.193.24:9395 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Media/1][365 pkts/78110 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][7.28 sec][RTP Stream Type: audio][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 19/0 20/0 20/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (zwwtvutz)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 UDP 192.168.195.58:32152 -> 192.168.193.24:9396 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Media/1][356 pkts/76184 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][7.10 sec][RTP Stream Type: audio][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 19/0 20/0 20/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (wskptvv)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 UDP 192.168.195.50:17726 -> 192.168.193.24:9399 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Media/1][355 pkts/75970 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][7.08 sec][RTP Stream Type: audio][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 19/0 20/0 20/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (wskptvv)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 UDP 192.168.195.50:17732 -> 192.168.193.24:9400 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Media/1][353 pkts/75542 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][7.04 sec][RTP Stream Type: audio][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 19/0 20/0 20/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (xwwsvyux)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.195.58:32144 <-> 192.168.195.50:17718 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 3][cat: Media/1][730 pkts/156220 bytes <-> 712 pkts/152368 bytes][Goodput ratio: 80/80][7.28 sec][RTP Stream Type: audio][bytes ratio: 0.012 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/7 20/20 9/9][Pkt Len c2s/s2c min/avg/max/stddev: 214/214 214/214 214/214 0/0][PLAIN TEXT (zwwtvutz)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 UDP 192.168.195.58:32150 -> 192.168.193.24:9395 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 3][cat: Media/1][365 pkts/78110 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][7.28 sec][RTP Stream Type: audio][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 19/0 20/0 20/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (zwwtvutz)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 UDP 192.168.195.58:32152 -> 192.168.193.24:9396 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 3][cat: Media/1][356 pkts/76184 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][7.10 sec][RTP Stream Type: audio][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 19/0 20/0 20/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (wskptvv)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 UDP 192.168.195.50:17726 -> 192.168.193.24:9399 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 3][cat: Media/1][355 pkts/75970 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][7.08 sec][RTP Stream Type: audio][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 19/0 20/0 20/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (wskptvv)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 UDP 192.168.195.50:17732 -> 192.168.193.24:9400 [proto: 87/RTP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 3][cat: Media/1][353 pkts/75542 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][7.04 sec][RTP Stream Type: audio][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 19/0 20/0 20/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (xwwsvyux)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.195.58:49399 <-> 192.168.193.12:2000 [proto: 164/CiscoSkinny][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][20 pkts/1628 bytes <-> 28 pkts/3570 bytes][Goodput ratio: 30/56][11.13 sec][bytes ratio: -0.374 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/0 734/479 5931/5892 1663/1376][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 81/128 242/378 41/88][PLAIN TEXT (RIX Meeting Room)][Plen Bins: 45,22,0,0,16,6,3,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.193.12:2000 <-> 192.168.195.50:51532 [proto: 164/CiscoSkinny][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][24 pkts/3166 bytes <-> 20 pkts/1624 bytes][Goodput ratio: 58/30][22.92 sec][bytes ratio: 0.322 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 699/417 6999/3582 1749/1018][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 132/81 546/242 116/41][PLAIN TEXT (RIX Meeting Room)][Plen Bins: 50,22,0,0,14,3,3,0,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 ICMP 192.168.195.50:0 -> 192.168.195.58:0 [proto: 81/ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.